package com.af.security.auth.util.session;

import com.af.security.property.SecurityProperties;
import com.af.service.AfRedirectService;
import org.springframework.security.web.session.InvalidSessionStrategy;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author : zhenyun.su
 * @comment : 会话无效后，则重新进行登录页面，
 * 防止进入循环
 * @since : 2020/3/30
 */

@Component
public class AfInvalidSessionStrategy implements InvalidSessionStrategy {
    private SecurityProperties securityProperties;
    private AfRedirectService redirectService;

    public AfInvalidSessionStrategy(SecurityProperties securityProperties, AfRedirectService redirectService) {
        this.securityProperties = securityProperties;
        this.redirectService = redirectService;
    }

    @Override
    public void onInvalidSessionDetected(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        redirectService.redirectPage(httpServletRequest, httpServletResponse, securityProperties.getLoginPage());
    }
}
